Quality of service improvements for network transactions
    21.
    Granted invention patent
    Quality of service improvements for network transactions (expired)

    Publication number: US07213071B2

    Publication date: 2007-05-01

    Application number: US09825078

    Application date: 2001-04-03

    IPC classification: G06F15/16

    Abstract: Methods, systems, computer program products, and methods of doing business by improving quality of service (“QoS”) in network exchanges comprising a plurality of related request and response messages. A TQoS (“transactional QoS”) cookie is defined, which is used to store information needed when controlling response time (and perhaps other QoS factors as well) for messages exchanged with a particular client. In preferred embodiments, this QoS information comprises a relative priority for these related messages and an available bandwidth for transmitting messages to the client. The disclosed techniques enable applying consistent QoS requirements for delivery of all the related Web objects comprising a transaction. No changes are required on client devices or in client software, and there is no dependency on a client to support cookies.

    Selective data encryption using style sheet processing for decryption by a client proxy
    22.
    Granted invention patent
    Selective data encryption using style sheet processing for decryption by a client proxy (expired)

    Publication number: US06978367B1

    Publication date: 2005-12-20

    Application number: US09422492

    Application date: 1999-10-21

    IPC classification: G06F1/28 G06F21/00 H04L29/06

    Abstract: A method, system, and computer program product for selectively encrypting one or more elements of a document using style sheet processing. Disclosed is a policy-driven augmented style sheet processor (e.g. an Extensible Stylesheet Language, or “XSL”, processor) that creates a selectively-encrypted document (e.g. an Extensible Markup Language, or “XML”, document) carrying key-distribution material, such that by using an augmented document processor (e.g. an augmented XML processing engine), an agent can recover only the information elements for which it is authorized. The Document Type Definition (DTD) or schema associated with a document is modified, such that the DTD or schema specifies a reference to stored security policy to be applied to document elements. Each document element may specify a different security policy, such that the different elements of a single document can be encrypted differently (and, some elements may remain unencrypted). The key distribution material enables a document to be encrypted for decryption by an audience that is unknown at the time of document creation, and enables access to the distinct elements of a single encrypted document to be controlled for multiple users and/or groups of users. In this manner, group collaboration is improved by giving more people easier access to information for which they are authorized, while protecting sensitive data from unauthorized agents. A key recovery technique is also defined, whereby the entire document can be decrypted by an authorized agent regardless of how the different elements were originally encrypted and the access protections which were applied to those elements.

    Method and an apparatus for detecting a need for security and invoking a secured presentation of data
    23.
    Granted invention patent
    Method and an apparatus for detecting a need for security and invoking a secured presentation of data (in force)

    Publication number: US06918039B1

    Publication date: 2005-07-12

    Application number: US09573859

    Application date: 2000-05-18

    Abstract: A method and an apparatus in a data processing system detects the presence of sensitive data and renders this data in a secured manner. The data processing system may be any device with information presentation capability which can receive data from a network. Detecting a need for secured rendering may include recognition that the data was encrypted, tags in the data indicating a level of secured rendering, or various forms of pre-arrangement between the sender and the recipient. Ways to determine if the recipient is in a secured environment include detection of conversations in the environment, video images showing people in the environment, analysis of infrared signals, determining the location of the data processing system using GPS or similar means, or interaction with an authenticated user. The means for rendering may be specified in the data, may be determined by the recipient, may be determined by pre-agreement between the sender and recipient, or may be based on the capability of the data processing system. Secured rendering means include, but are not limited to, display of data in a visual format that requires a special lens for detection, speaking the data into a speaker device in an ear canal of the recipient, or use of a special coded format known only to the recipient.

    URL-based sticky routing tokens using a server-side cookie jar
    24.
    Granted invention patent
    URL-based sticky routing tokens using a server-side cookie jar (in force)

    Publication number: US08543644B2

    Publication date: 2013-09-24

    Application number: US13535878

    Application date: 2012-06-28

    IPC classification: G06F15/16

    Abstract: A method, system and program product are presented for enabling a session, as defined by a series of related transactions to perform a unit of work, to be created between a client and a particular server where the server is managed by a dispatcher. Modifications to the Uniform Resource Locator (URL) are used to create a method of transferring information from the client to the server. The server implements a server-side storage area (cookie jar) to temporarily store information about the client and the session so that the client is routed to the same server for successive messages in the same session and no reliance is made upon an ability by the client to store or return cookies.

    Technique for digitally notarizing a collection of data streams

    Publication number: US07028184B2

    Publication date: 2006-04-11

    Application number: US09764541

    Application date: 2001-01-17

    IPC classification: H04L9/00 H04N7/167

    Abstract: A method, system, computer program product, and method of doing business by digitally notarizing a collection of data streams, thereby improving security of the contents of the data streams. Preferably, public key cryptography is used, wherein the collection of data streams is digitally signed (i.e. notarized) using a private cryptographic key of a digital notary, such that an associated public cryptographic key can be used to verify the authenticity and integrity of the collection of data streams. One or more components which are involved in creating the data streams are preferably authenticated, and a unique identifier of each such component is included within cryptographically-protected information that is provided for the digital notarization. The authenticated identities of the components can therefore be determined from the digital notarization.

    Clickstream data collection technique

    Publication number: US07003565B2

    Publication date: 2006-02-21

    Application number: US09825097

    Application date: 2001-04-03

    IPC classification: G06F15/173

    Abstract: Methods, systems, computer program products, and methods of doing business by improving collection of clickstream data in network exchanges comprising a plurality of related request and response messages. A clickstream cookie is created by an application, and contains a clickstream data collection correlator for messages of a particular transaction. A Uniform Resource Locator (“URL”) token is created, and is used both in URLs of messages and in cookies downstream of a cookie jar for locating the application-generated correlator. In preferred embodiments, this application-generated correlator is a unique value which is used to identify related clickstream data once it is collected. A flag may also be used to indicate whether data collection is enabled. No changes are required on client devices or in client software, and there is no dependency on a client to support cookies. Using the disclosed techniques, a particular application may specify varying clickstream data collection requirements for the transactions it generates.

    Methods, systems, and computer program products for securely transforming an audio stream to encoded text
    28.
    Granted invention patent
    Methods, systems, and computer program products for securely transforming an audio stream to encoded text (in force)

    Publication number: US06990444B2

    Publication date: 2006-01-24

    Application number: US09765127

    Application date: 2001-01-17

    IPC classification: G10L15/26

    Abstract: A method, system, computer program product, and method of doing business by providing improved audio compression wherein an audio stream is securely transformed to an encoded text stream (such as an ASCII, EBCDIC, or Unicode text stream). One or more components which are involved in the transformation process are authenticated. A unique identifier of each such component is included within cryptographically-protected information that is provided for the encoded text stream. A digital signature is preferably used for the cryptographic protection, thereby digitally notarizing the encoded text stream. The authenticity and integrity of the encoded text stream can therefore be verified. In preferred embodiments, the authenticated identities of components performing the transformation can also be determined from the cryptographically-protected information. The encoded text stream will typically require much less storage space than the audio stream, and providing the digital notarization along with the encoded text stream serves to reliably establish evidence of the contents of the audio stream (even though a perfect speech-to-text transformation might not be achieved).

    Using device certificates to authenticate servers before automatic address assignment
    29.
    Granted invention patent
    Using device certificates to authenticate servers before automatic address assignment (expired)

    Publication number: US06823454B1

    Publication date: 2004-11-23

    Application number: US09435415

    Application date: 1999-11-08

    IPC classification: H04L900

    Abstract: A device certificate identifies a particular device using a globally-unique device identifier and contains a public key associated therewith. A private key stored in protected storage of the device is used to digitally sign outbound messages, enabling the message receiver to authenticate the message originator. Devices requesting address assignment from a service such as a Boot Protocol or Dynamic Host Configuration Protocol service can be authenticated by that service before an address is assigned. The device of the service providing the address assignment may also digitally sign the requested address, using its own private key, enabling the address receiver to verify that the address provider is authentic before accepting and using the assigned address. A device requesting an update to address information stored in a Domain Name System (DNS) server can be authenticated and/or can ensure that a legitimate DNS has been contacted.
